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- ThQ MAILING DATE of this communication appears on the cover sheet with the correspondence address 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER. FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .136(a). In no event, however, may a reply be tinroly filed 
after SIX (6) MONTHS from the nnaiiing date of this communication. 

- if NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 
• Failure to reply wfthin the set or extended period for reply will, by statute, cause the application to beconne ABANDONED (35 U.S.C. § 133). 

Any reply received by the Office later than three months after t he mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1 .704(b). 

Status 

I) 13 Responsive to communlcatlon(s) filed on 17 September 2004 , 
2a)n This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1 935 CD. 1 1 , 453 O.G. 21 3. 

Disposition of Claims 

4) 13 Claim(s) 1-24 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) 0 Claim(s) is/are allowed. 

6) ^ Claim(s) 1-24 is/are rejected. 

7) 13 Claim(s) 10 and 14 is/are objected to. 

8) 0 Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) n The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 17 September 2004 is/are: 3)0 accepted or b)l3 objected to by the Examiner. 
Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 

I I) 0 The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)0 Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)n Some * 0)0 None of: 

1 .□ Certified copies of the priority documents have been received. 

2. n Certified copies of the priority documents have been received in Application No. . 

3. n Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 
Priority 

Applicant's claim for the benefit of a prior-filed application under 35 U.S.C. 120 is 
acknowledged. 

Drawings 

The drawings are objected to because the decision points in the flowchart of 
Figure 4 are not labeled 'Y' or 'N'. Corrected drawing sheets in compliance with 37 CFR 
1 .121(d) are required in reply to the Office action to avoid abandonment of the 
application. Any amended replacement drawing sheet should include all of the figures 
appearing on the immediate prior version of the sheet, even if only one figure is being 
amended. The figure or figure number of an amended drawing should not be labeled as 
"amended." If a drawing figure is to be canceled, the appropriate figure must be 
removed from the replacement sheet, and where necessary, the remaining figures must 
be renumbered and appropriate changes made to the brief description of the several 
views of the drawings for consistency. Additional replacement sheets may be necessary 
to show the renumbering of the remaining figures. Each drawing sheet submitted after 
the filing date of an application must be labeled in the top margin as either 
"Replacement Sheet" or "New Sheet" pursuant to 37 CFR 1.121(d). If the changes are 
not accepted by the examiner, the applicant will be notified and informed of any required 
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corrective action in the next Office action. The objection to the drawings will not be held 
in abeyance. 



Claim Objections 

Claim 10 is objected to because of the following informalities: There appears to 
be a period in the middle of the sentence: "resources, when". Appropriate correction is 
required. 

Claim 14 is objected to because of the following informalities: Claim 1 1 and claim 
14 are identical. 

Claim Rejections - 35 USC § 102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 
states. 

. Claims 1, 9-10, 13, 16-17, and 22 are rejected under 35 U.S.C. 102(b) as being 
anticipated by Gullotta et al. (US 6985955 B2). 

Consider claims 1, and 16-17. Gullotta et al. clearly shows and discloses a 
computer implemented method for dynamically provisioning computing resources, said 
method including: receiving a request for computing resources, wherein said request is 
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associated with an asset; determining at least one of asset classification, business 
value and resource classification related to said asset; and, provisioning said computing 
resources based on said determining step (("The system 10 provides a platform for 
defining policies and provisioning services to a user interacting with the system, or a 
user interacting with the network on which the system is operating. The system may 
designate and track the types of services as well as the types of access to these 
services for a large number of users. In the generalized examples of FIGS. 1 and 2, the 
platform system 10 may receive requests for services from user computers. The 
platform system 10 may also receive information from administrator computers relating 
to, for example, authorizations of users' requests or changes in users, policies or roles. 
The platform system 10 may also provide information to the administrator Web 
browsers or computers, including, for example, reports on operation and service usage. 
The platform system 10 may provide requests, instructions, or other information to 
service providers or managed services computers related to providing services to the 
users, based on user requests, policies, roles, organizational information, and attributes. 
The platform system 10 may control access to services, such as data, files, programs or 
other electronic information from database or storage systems to the users, based on 
user requests, policies, roles, organizational information, and attributes.") column 5 lines 
1 3-35 ("Policies are written based on these roles and attributes. Because attributes can 
be used in addition to roles to define a policy, the task of defining the relationship 
between users and resources is made more efficient. Attributes can take on multiple 
values, and thus a single policy definition can be written in Boolean form using IF- 
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THEN-ELSE IF statements (or the equivalent) to account for different attribute values, 
instead of multiple role definitions using IF-THEN statements. It should be noted that 
although IF-THEN-ELSE statements are presented herein for purposes of explanation 
only, in embodiments of the present invention any programming language and syntax 
capable of implementing the equivalent Boolean statements may be employed.") 
column 18 lines 34-46 ( "The user applications 1 10 may also include one or more Form 
Viewer applications 124 that dynamically display forms as they are designed by the 
Form Generation administration application 114. The access level of the user 
determines which form, if any, the Form Viewer application will display In different 
situations. One or more Report Viewer applications 126 may be included for allowing a 
user to instruct a Report Engine in the platform subsystem 104 to execute predefined 
reports, and for displaying the results to the user. The access level of the user 
determines which reports the Report Viewer will provide. In addition, the user 
applications include applications for allowing a user to submit a request for provisioned 
services. The user applications 110 may also include a Policy Management application 
128 that provides an interface for defining policies that control the provisioning of 
services to users. In addition, constraints on individual attributes of services may be 
defined. The policies determine an association between the users and the services or 
resources, and constraints on those services provisioned to the users, based on 
attributes and user roles. The policies may define one or a series of approvals that are 
required before provisioning a given service or any service to a user. For example, such 
approvals may be required from one or more other users acting in a supervisory role. 
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Policies may require one or more approvals if an attribute constraint is violated. The 
approvals may be defined using a Workflow Management application 1 30, which 
provides an interface for defining the approval process needed for a request in the 
system.") column 11 lines 24-52 ("The applications services 132 may also include a 
Policy Engine 148 for executing policies that associate users with services. The Policy 
Engine 148 functions to determine whether or not provisioning requests conform to 
defined policies and to provide correct recovery procedures in the event that a policy is 
violated. If an approval is needed for a provisioning request, the Policy Engine 148 
interfaces with a Workflow Engine 150 to notify and obtain authorization instructions 
from the appropriate authorization entity, which may be, for example, one or more users 
having pre-defined supervisory roles. The Workflow Engine 150 functions to execute 
and track transactions within the system. Such transactions may include provisioning 
and de-provisioning of services, user status changes, and the approval process 
associated with a provisioning request in the system. In preferred embodiments, users 
with appropriate access levels may, through a client application, query the Workflow 
Engine for status information relating to a transaction (such as a provisioning request) 
being executed by the system.") column 12 lines 34-53). 

Consider claims 9-10, and as applied to claim 1, above. Gullotta et al. discloses a 
method of claim 1 further including de-provisioning said computing resources 
(("Preferred embodiments of the system described herein perform these actions 
automatically based on the role of the person within the organization and policies that 
are pre-defined for the organization. The policies may be based on the needs of the 
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organization and the requirements of each particular role within the organization, such 
that resources may be provisioned to each user to meet the needs and the 
requirements of the user's particular role in the organization.") column 9 lines 47-54). 

Consider claims 13 and 22, and as applied to claim 1 , above. Gullotta et al. 
discloses a method of claim 1 further including defining which processes may be 
suspended in the event said asset requires additional computing resources (("Upon 
termination or suspension or a user, or if a user should take a leave of absence, 
embodiments of the present invention may also suspend the provisioning of resources, 
rather than de-provisioning them. For example, if a terminated user has threatened to 
take legal action against the company, the user's e-mail account may be suspended but 
not deleted, so that the user cannot access the e-mail account, but the e-mails may 
nevertheless be reviewed by the company in anticipation of litigation.") column 20 lines 
23-31). 



Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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The factual inquiries set forth in Graham v. John Deere Co., 383 U.S. 1 , 148 
USPQ 459 (1966), that are applied for establishing a background for determining 
obviousness under 35 U.S.C. 103(a) are summarized as follows: 

1 . Determining the scope and contents of the prior art. 

2. Ascertaining the differences between the prior art and the claims at issue. 

3. Resolving the level of ordinary skill in the pertinent art. 

4. Considering objective evidence present in the application indicating 
obviousness or nonobviousness. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 103(a). 

Claim 2 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Hartsell et al. (20020174227). 

Consider claim 2, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al., fails to disclose a method including determining a data 
classification of said asset. Hartsell et al. discloses a method including determining a 
data classification of said asset (("It will be understood that in the delivery of 
differentiated services using the disclosed systems and methods, including those . 
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illustrated in FIGS. 9A-9D, any packet classification technology (e.g., WAN packet 
classification technology) that is suitable for classifying or differentiating packets of data 
may be employed to enable such delivery of differentiated services. Such technologies 
may be employed to allow the disclosed systems and methods to read incoming packet 
markings/labels representative of one or more policy-indicative parameters associated 
with Information management policy (e.g., class identification parameters, etc.), to allow 
the disclosed systems and methods to mark or tag outgoing packets with 
markings/labels representative of one or more policy-indicative parameters associated 
with information management policy, or a combination thereof. With regard to packet 
classification technologies, the disclosed differentiated service functionalities may be 
implemented using principals that are compatible with, or that apply to, any suitable 
types of layer two through layer seven packet classification technologies including, but 
not limited to, Ethernet 802.1 P/Q, Diffserv, IPv6, MPLS, Integrated Services (RSVP, 
etc.), ATM QoS, etc. In one embodiment, the disclosed systems and methods may be 
advantageously enabled to perform such packet classification functionalities by virtue of 
the presence and functionality of a network interface processing engine as is described 
in relation to FIGS. 1A and 2 herein.") paragraph 0281). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including determining a data 
classification of said asset as taught by Hartsell et a!., with a computer implemented 
method for dynamically provisioning computing resources as taught by Gullotta et al. for 
the purpose of QoS provisioning. 
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Claim 3 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Mullen et al. (US 7003560 B1). 

Consider claim 3, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al., fails to disclose a method wherein a determining asset 
classification further includes determining if said asset is at least one of public, business 
confidential, private, and secret. Mullen et al. discloses a method wherein a determining 
asset classification further includes determining if said asset is at least one of public, 
business confidential, private, and secret (("The continuous improvement tools 1 74 
include applications that capture feedback on the quality process and can take actions 
to improve it or notify individual end-users 24, by e-mail for example, if necessary. The 
continuous improvement tools 174 also preferentially include applications that can 
create an electronic suggestion mailbox to receive suggestions from various end-users 
24, employees, as well as public users of the data warehouse computing system 20. 
Those skilled in the art of programming would recognize that the continuous 
improvement tools of the quality management tools 66 may be used in various 
applications.") column 15 lines 18-30 ("FIG. 7 illustrates metadata management 130 of 
data warehouse computing system 20. Metadata managemerit 130 incorporates the 
collection and publication of information about the data itself, that is, both the business 
meaning and the technical characteristics of the data. Metadata management 130 is not 
any one data store, process or architecture. Metadata management 130 has 
components of a data store, a process, and an architecture, and is dependent on the 
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other components within the data warehouse computing system 20. Because metadata 
exists within practically every component of the data warehouse architecture 40, 
metadata needs to be actively managed to be properly defined, collected and utilized.") 
column 25 lines 43-55). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method wherein a determining asset 
classification further includes determining if said asset is at least one of public, business 
confidential, private, and secret as taught by Mullen et al. with a computer implemented 
method for dynamically provisioning computing resources as taught by Gullotta et al. for 
the purpose of QoS policies. 

Claim 4 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Lu et al. (US 20020194350 Al). 

Consider claim 4, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al., fails to disclose a method wherein a determining business 
value further includes determining if said asset business value is at least one of low, 
medium and high. Lu et al. discloses a method wherein a determining business value 
further includes determining if said asset business value (("The classification on 
application layer (Layer 7) content makes it possible to assign, in combination with the 
policy table 188, more refined transmit instructions for a packet. In general, the inbound 
packets are classified based on at least three categories of information. The first one is ^ 
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related to the nature of the application. Different applications will be treated differently 
based on their business values. Different application can be identified by the associated 
URL path information. The second is related to client's history. Based on the historical 
behavior of a client, the client can be assigned a priority. A specified cookie field can be 
used to accumulate client history information, and be examined to classify the inbound 
packets. The third category is related to client's brov^/sing status. The business value 
associated with clients in different browsing stages will be different. A client in a buying 
mode who has put items into the shopping cart and/or provided his/her credit card 
information has higher business value than the clients in random surfing mode. The 
different browsing stages can be determined by examining the URL paths (i.e., the web 
pages being pointed to) and/or from specified cookie fields established to identify clients 
in different browsing stages.") paragraph 0099). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method wherein a determining 
business value further includes determining if said asset business value as taught by Lu 
et al. with a computer implemented method for dynamically provisioning computing 
resources as taught by Gullotta et al. for the purpose of data classification. 

Claim 5 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Schmidt et al. (US 20050177635 A1). 

Consider claim 5, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
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However, Gullotta et al., fails to disclose a method wherein a determining resource 
classification further includes determining if said resource classification is at least one of 
"trusted" for internal entities and "non-trusted" for external entities. Schmidt et al. 
discloses a method wherein a determining resource classification further includes 
determining if said resource classification is at least one of "trusted" for internal entities 
and "non-trusted" for external entities (("The sandbox 4 uses a large number of 
configuration parameters that may vary per application 16. Since hundreds of 
applications 16 may be hosted on a single web server computer 12, configuration of all 
parameters per application 16 is error prone. Further, configuration errors may create 
security problems. The sandbox 4 allows the definition of sets of functional constraints, 
quantitative resource limitations, and bandwidth limitations. These sets of resource 
limitations are specified by templates. Each template may be assigned to more than one 
application 16. Resource templates allow applications 16 to be assigned to different 
classes, such as light, medium and heavy resource use or trusted and untrusted 
applications 16. One embodiment of the sandbox 4 provides the following template 
categories: functionality templates, bandwidth templates, and resource templates.") 
paragraph 0052). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method wherein a determining 
resource classification further includes determining if said resource classification is at 
least one of "trusted" for Internal entitles and "non-trusted" for external entities as taught 
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by Schmidt et al. witli a computer implemented method for dynamically provisioning 
computing resources as taught by Gullotta et al. for the purpose of end-to-end QoS. 

Claims 6-8 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Gullotta et al. (US 6985955 B2) in further view of Steegmans (US 6799216 B2). 

Consider claims 6-8, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
Hov^^ever, Gullotta et al., fails to disclose a method including assigning assets to at least 
one of a plurality of security domains, wherein each security domain includes a different 
degree of security controls. Steegmans discloses a method including assigning assets 
to at least one of a plurality of security domains, wherein each security domain includes 
a different degree of security controls (("It is also advantageous that the domain 
manager manages all the resources required by internet connections within the domain 
to which it is assigned. This permits the dynamic assignment of network resources to 
users, as well as the implementation of security checks and charge metering for these 
resources.") column 2 lines 39-44). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including assigning assets to 
at least one of a plurality of security domains, wherein each security domain includes a 
different degree of security controls as taught by Steegmans with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of dynamic security provisioning. 
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Claim 11, 14, and 23 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullotta et al. (US 6985955 B2) in further view of Torres et al. (US 20050043961 
A1 ) and in further view of Benfield et al. (US 20030009540 Al ). 

Consider claims 11,14, and 23, and as applied to claim 1 , above. Gullotta et al. 
discloses a computer implemented method for dynamically provisioning computing 
resources. However, Gullotta et al. fails to disclose a method including verifying 
software of at least one of an internal client and external client. Torres et al. discloses a 
method including verifying software of at least one of an internal client and external 
client (("The present invention is enterprise software that provides a configurable, plug- 
and-play solution that will search, analyze, and operate on transactional and historical 
data in real-time across remote and disparate databases. The software has the unique 
ability to discover similarities and non-obvious relationships in data in real-time and 
apply the results of data analysis to an operational environment. It has a flexible 
framework for building a variety of applications that can be configured based on 
application requirements. Using an open API, the framework enables organizations to 
easily incorporate multiple technologies, analytics, software components, and both 
internal and external data sources. The system performs tasks such as decision 
automation, transaction processing, and extraction of knowledge from data sources. It 
can provide the following capabilities: search, analyze, and operate on both 
transactional and historical data in remote, disparate databases; uncover non-obvious 
relationships; find similarities as well as exact matches; apply analytical results in an 
operational environment; easily interoperate with other enterprise applications; combine 
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the results from several different analytics to produce one comprehensive score; search 
and process large amounts of data in real-time; protect data ownership by using remote 
search; ensure technology investment due to the ability to easily update and expand the 
system; operate In serial and parallel environments; protect privacy by returning scores 
instead of actual data; operate on data with different data types, platforms, and formats; 
produce a complete audit trail for all search and analytical results; and quickly and 
easily incorporates multiple analytics, software components, and internal and external 
data sources. The invention enables more accurate and informed decisions; streamlines 
operational processes; increases efficiencies and reduces operational costs; transforms 
data in real-time into useful and useable information; improves customer service and 
customer interaction; and drives more profitable relationships with customers. It may be 
used in business-critical applications including employee background checks, risk 
assessment, fraud detection, data mining, alias identification, market analysis, and 
customer identification. Modular software components provide unique analytical 
capabilities such as link analysis, fuzzy search, similarity scoring and classifications, 
and rules processing as well as a complete decision audit trail. The invention also 
accepts and integrates third party analytics and software components.") paragraph 
0020). Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including verifying software of 
at least one of an internal client and external client as taught by Torres et al. with a 
computer implemented method for dynamically provisioning computing resources as 
taught by Gullotta et al. for the purpose of application-aware provisioning. However, 
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Gullotta et al., as modified by Torres et al., fails to disclose a method of taking inventory 
of an internal and an external network. Benfield et al. discloses a method of taking 
inventory of an internal and an external network (("While firewalls may prevent certain 
entities from obtaining information from the protected internal network, firewalls may 
also present a barrier to the operation of legitimate, useful processes. For example, in 
order to ensure a predetermined level of service, benevolent processes may need to 
operate on both the external network and the protected internal network; a customer 
system is more efficiently managed if the management software can dynamically detect 
and dynamically configure hardware resources as they are installed, rebooted, etc. 
Various types of discovery processes, status polling, status gathering, etc., may be 
used to get information about the customer's large, dynamic, distributed processing 
system. This information is then used to ensure that quality-of-service guarantees to the 
customer are being fulfilled. However, firewalls might block these system processes, 
especially discovery processes.") paragraph 0202). 

Therefore it would have been obvious to a person of ordinary skill in the art at the 
time the invention was made to incorporate a method of taking inventory of an internal 
and an external network as taught by Benfield with a method including verifying 
software of at least one of an internal client and external client and a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al., as modified by Torres et al., for the purpose of identity management. 
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Claims 12 and 21 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullotta et al. (US 6985955 B2) in further view of Oren et al. (US 20030145093 
A1). 

Consider claims 12 and 21, and as applied to claim 1, above. Gullotta et al. 
discloses a computer implemented method for dynamically provisioning computing 
resources. However, Gullotta et al. fails to disclose a method including applying 
encryption to asset data based on said asset classification. Oren et al. discloses a 
method including applying encryption to asset data based on said asset classification 
(("According to optional but preferred embodiments of the present invention, system 10 
also features an information security system for encrypting and/or authenticating 
classified data defined by the user before transmitting such data from peer device 12 of 
the user. Client module 14 is preferably able to manage renewed sets of security keys 
which are downloaded from central location authority, and particularly from a server 
which acts as the certificate authority of system 10.") paragraph 0083). 

Therefore, It would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including applying encryption 
to asset data based on said asset classification as taught by Oren et al. with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of thin provisioning and data classification. 

Claim 15 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Grannon (US 20050010671 A1). 
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Consider claim 15, and as applied to claim 1, above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al. fails to disclose a method including storing policies regarding 
processing assets when computing resources are limited due to failures Of at least one 
of software and hardware. Grannon discloses a method including storing policies 
regarding processing assets when computing resources are limited due to failures of at 
least one of software and hardware (("For purposes of illustration and example, the 
MMS software 188 configures itself to be a slave server for redundancy within the 
premises in response to detecting an existing MMS module (namely the MMS software 
120) in another device (namely the personal computer 110). Thus, while the MMS 
software 120 in the personal computer 1 10 Is functioning properly and providing server 
functions, the STB 180 functions as an MMC device. However, the STB 180 keeps a 
copy of media asset and device profile tables to account for which media files are stored 
on all of the devices and how associated memory across the devices is allocated. The 
STB 180 keeps the tables in order to take over as the MMS if the personal computer 
110 should fail. Also for redundancy purposes, the MMS software 120 can manage data 
replication across multiple devices to ensure that identical pieces of data are stored on 
different devices.") paragraph 0026). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a method including storing policies 
regarding processing assets when computing resources are limited due to failures of at 
least one of software and hardware as taught by Grannon with a computer implemented 



Application/Control Number: 1 0/71 1 ,433 Page 20 

Art Unit: 2143 

method for dynamically provisioning computing resources as taught by Gullotta et al. for 
the purpose of application-aware storage. 

Claim 18 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Tredoux et al. (US 20020161904 Al). 

Consider claim 18, and as applied to claim 1, above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al. fails to disclose a system including a server configured to 
communicate with at least one of an internal and external client. Tredoux et al. discloses 
a system including a server, configured to communicate with at least one of an internal 
and external client (("No assumptions need be rendered regarding the network protocol 
used by the external network device client to communicate with the internal network 
device and/or (hidden)server on the protected network. All network traffic, for example 
TCP/IP traffic, is tunneled by the proxy agent 240 through the exemplary HTTP 
. connection between the proxy agent 240 and the external proxy server 250, and there is 
generally no need for them to alter this data, with some notable exceptions. Certain 
protocols can require special treatment, particularly HTTP itself. The use of embedded 
hyperlinks in HTML pages implies that a client may be redirected by a link to an 
inaccessible URL hidden behind the security device/firewall 20, away from the external 
proxy server 250 which enables its access to the hidden network. To prevent or 
minimize such undesirable redirection, a web browser / external device 230 can be 
configured (through standard browser settings) to use the external proxy server 250 as 
a true HTTP proxy server, using the local port on the server described above. This 
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ensures that all HTTP requests are forwarded intact and uninterpreted to the external 
proxy server 250, which passes those requests to the proxy agent 240. The agent 240 
retrieves the requested URLs, which are directly accessible to it since it is behind the 
firewall 20.") paragraph 0033). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a server configured 
to communicate with at least one of an internal and external client as taught by Tredoux 
et al. with a computer implemented method for dynamically provisioning computing 
resources as taught by Gullotta et al. for the purpose of class-based provisioning. 

Claims 19 and 24 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Gullotta et al. (US 6985955 B2) in further view of Elliot et al. (US 20020064149 
Al). 

Consider claims 19 and 24, and as applied to claim 1 , above. Gullotta et al. 
discloses a computer implemented method for dynamically provisioning computing 
resources. However, Gullotta et al. fails to disclose a system including a domain 
database configured to store domain rules and policies. Elliot et al. discloses a system 
including a domain database configured to store domain rules and policies (("Data 
recovery of failed databases is needed in real time.") paragraph 0757 ("Data 
Administration (dbAdmin) 2238 involves setting data policy, managing the logical and 
physical aspect of the databases, and securing and configuring the functional 
components of the Data Management 2138 domain. Data Management policies include 
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security, distribution, integrity rules, performance requirements, and control of 
replications and partitions. dbAdmin 2238 includes the physical control of data 
resources such as establishing data locations, allocating physical storage, allocating 
memory, loading data stores, optimizing access paths, and fixing database problems. 
dbAdmin 2238 also provides for logical control of data such as auditing, reconciling, 
migrating, cataloguing, and converting data.") paragraph 1002). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a domain database 
configured to store domain rules and policies as taught by Elliot et al. with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of a classification database. 

Claim 20 is rejected under 35 U.S.C. 103(a) as being unpatentable over Gullotta 
et al. (US 6985955 B2) in further view of Baba et al. (US 20060168253 Al). 

Consider claim 20, and as applied to claim 1 , above. Gullotta et al. discloses a 
computer implemented method for dynamically provisioning computing resources. 
However, Gullotta et al. fails to disclose a system including a connection manager 
configured to direct at least one of an internal client and external client to comply with 
software requirements. Baba et al. discloses a system including a connection manager 
configured to direct at least one of an internal client and external client to comply with 
software requirements (("An application gateway 110 having a firewall function of 
limiting accesses from devices connected to the external network 120 is provided 
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between the external network 120 and the internal network constituted of the home 
network 100. The application gateway checks a communication packet in an application 
layer upon receiving an access request from the external network so as to perform 
filtering.") paragraph 0097). 

Therefore, it would have been obvious for a person of ordinary skill in the art at 
the time the invention was made to incorporate a system including a connection 
manager configured to direct at least one of an internal client and external client to 
comply with software requirements as taught by Baba et al. with a computer 
implemented method for dynamically provisioning computing resources as taught by 
Gullotta et al. for the purpose of class-based provisioning. 

Conclusion 

Any response to this Office Action should be faxed to (571) 273-8300 or mailed 

to: 

Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 



Hand-delivered responses should be brought to 

Customer Service Window 
Randolph Building 
401 Dulany Street 
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Alexandria, VA 22314 

Any inquiry concerning this communication or earlier communications from the 
Examiner should be directed to Mark Fearer whose telephone number is (571) 270- 
1770. The Examiner can normally be reached on Monday-Thursday from 7:30am to 
5:00pm. 

If attempts to reach the Examiner by telephone are unsuccessful, the Examiner's 
supervisor, David Wiley can be reached on (571) 272-3923. The fax phone number for 
the organization where this application or proceeding is assigned is (571) 273- 
8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free) or 571-272-4100. 

Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist/customer service whose telephone 
number is (571)272-2600. 
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